Methods and Systems for User Authentication in a Computer System Using Multi-Component Log-Ins, Including Image-Based Log-Ins

1. A system, comprising: a computer system having a processor and a memory; and a non-transitory computer-readable medium encoding instructions for computer-based user authentication and for execution by the processor, the instructions programmed to cause the processor to receive, into the memory, a request from a user to access an application on the computer system, in response to receiving the request to access the application, access user information pertaining to the user, wherein the user information comprises information related to a plurality of verification image/key definition combinations that are associated with the user and that are concurrently available to the processor to use in confirming user access rights to the application, and wherein a challenge verification image/key definition has associated therewith: a challenge verification image with a set of challenge target locations comprising a portion of locations on the challenge verification image, a challenge key comprising a set of challenge actions to be performed by a user on a display of the challenge verification image at the challenge target locations, and a key definition comprising an identification of the set of challenge actions and the set of challenge target locations that make up the challenge key; and select a login verification image from among the challenge verification images associated with the user, present a display of the selected login verification image to the user, and in response to receiving an access key comprising login actions performed by the user on the display of the selected login verification image at login locations on the selected login verification image, verify the received access key by comparing the received access key with the challenge key associated with the selected login verification image, wherein the comparing comprises: determining an identity between the login actions and the challenge actions associated with the selected login verification image and determining an identity between the login locations and the challenge target locations associated with the selected login verification image; and generate an authorization to allow the user to access the application in response to the verification of the received access key.

2. The system of claim 1 , wherein the challenge key associated with the challenge verification image is established by the user, and wherein the instructions are further programmed to cause the processor to receive, into the memory, a request from the user to set up an image-based password for the challenge verification image for user authentication on the computer system, access the user information for the user in response to receiving the request to set up the image-based password, receive, from the user, the challenge key for the challenge verification image and the key definition for the challenge key, wherein the challenge verification image is selected by the user, wherein the set of challenge target locations for the challenge key is chosen by the user, and wherein the set of challenge actions for the challenge key is chosen by the user; associate the key definition with the selected challenge verification image to form a new verification image/key definition combination in response to receipt of the key definition; and store, with the user information, information related to the new verification image/key definition combination.

3. The system of claim 2 , wherein the instructions are further programmed to cause the processor to perform at least one of the following activities: displaying verification image candidates to the user for review and selection as the challenge verification image, allowing the user to submit a new challenge verification image, and displaying one of the user's previous challenge verification images, comprising one of the challenge verification images already associated with the user information, in order to allow the user to establish a new key definition for the one of the user's previous challenge verification image.

4. A system, comprising: a computer system having a processor and a memory; and a non-transitory computer-readable medium encoding instructions for establishing image-based passwords for computer-based user authentication and for execution by the processor, the instructions programmed to cause the processor to receive, into the memory, a request from a user to set up the image-based password for user authentication on the computer system; access user information in response to receiving the request to set up an image-based password; wherein the user information comprises information related to a plurality of verification image/key definition combinations associated with the user, wherein the plurality of verification image/key definition combinations are concurrently available to the processor for use in confirming user access rights to the computer system; receive, from the user, a key and a key definition for the key, the key developed by the user on a display of a verification image, wherein the key comprises a set of actions to be performed by the user on the display of the verification image at a set of target locations on the verification image, the set of target locations comprising a portion of locations on the verification image, and wherein the key definition comprises an identification of the set of actions and the set of target locations that make up the key; and associate the key definition with the verification image to form a new verification image/key definition combination; and store information related to the new verification image/key definition combination associated with the user information.

5. The system of claim 4 , wherein the instructions are further programmed to cause the processor to perform at least one of the following activities: display verification image candidates to the user for review and selection of one candidate as the verification image, allow the user to submit a new verification image, and display one of the user's previous verification images, comprising one of the verification images already associated with the user information, in order to allow the user to establish a new key definition for the one of the user's previous verification images.

6. A method, comprising receiving, into a memory associated with a processor, a request from a user to access an application on a computer system; in response to receiving the request to access the application, accessing user information pertaining to the user, wherein the user information comprises information related to a plurality of verification image/key definition combinations that are associated with the user and that are concurrently available to the processor to use in confirming user access rights to the application, and wherein a challenge verification image/key definition combination has associated therewith: a challenge verification image with a set of challenge target locations comprising a portion of challenge target locations on the challenge verification image, a challenge key comprising a set of challenge actions to be performed by the user on a display of the challenge verification image at the challenge target locations, and a key definition comprising an identification of the set of challenge actions and the set of challenge target locations that make up the challenge key; selecting a login verification image from among the challenge verification images associated with the user; displaying the selected login verification image to the user; in response to receiving an access key comprising login actions performed by the user on the display of the selected login verification image at login locations on the selected login verification image, verifying the received access key by comparing the received access key with the challenge key associated with the selected login verification image, wherein the comparing comprises determining an identity between the login actions and the challenge actions associated with the login verification image, and determining an identity between the login locations and the challenge target locations associated with the login verification image; and in response to verification of the received access key, generating an authorization that allows the user to access the application.

7. The method of claim 6 , wherein the set of challenge actions to be performed on the display of the challenge verification image comprises at least one of the following actions: selecting at least one challenge target location on the display of the challenge verification image; selecting the challenge target locations in a selected order; selecting the challenge target locations with a selected pattern; selecting at least one overlay with which to cover the at least one challenge target location; superimposing a challenge target location with a selected overlay; covering the challenge target locations with overlays in a selected superimposing order; and covering the challenge target locations with the overlays in a selected superimposing pattern.

8. The method of claim 6 , wherein the challenge key associated with the challenge verification image is established by the user; and further comprising: receiving into the memory, a request from a user to set up an image-based password for the challenge verification image for user authentication on the computer system; accessing the user information for the user in response to receiving the request to set up the image-based password; receiving, from the user, the challenge key for the challenge verification image and the key definition for the challenge key, wherein the challenge verification image is selected by the user, wherein the set of challenge target locations for the challenge key is chosen by the user, and wherein the set of challenge actions for the challenge key is chosen by the user; in response to receipt of the key definition, associating the key definition with the selected challenge verification image to form a new verification image/key definition combination; and storing, with the user information, information related to the new verification image/key definition combination.

9. A method, comprising: receiving, into a memory of a computer system, a request from a user to establish an image-based password for user authentication on the computer system; accessing user information in response to receiving the request to set up an image-based password, wherein the user information comprises information related to a plurality of verification image/key definition combinations associated with the user, and wherein the plurality of verification image/key definition combinations are concurrently available to the processor for use in confirming user access rights to the computer system; receive, from the user, a key and a key definition for the key, the key developed by the user on a display of a verification image, wherein the key comprises a set of actions to be performed by the user on the display of the verification image at a set of target locations on the verification image, the set of target locations comprising a portion of locations on the verification image, and wherein the key definition comprises an identification of the set of actions and the set of target locations that make up the key; and associating the key definition with the verification image to form a new verification image/key definition combination; and storing information related to the new verification image/key definition combination with the user information.

10. The method of claim 9 , further comprising the computer system performing at least one of the following activities: displaying verification image candidates to the user for review and selection of one candidate as the verification image, allowing the user to submit a new verification image, and displaying one of the user's previous verification images, comprising one of the verification images already associated with the user information, in order to allow the user to establish a new key definition for the one of the user's previous verification image.

11. One or more computer-readable, nontransitory media, having stored thereon one or more computer programs programmed to cause a computer to: receive, into a memory of the computer, a request from a user to access an application on a computer system, in response to receiving the request to access the application, access user information pertaining to the user, wherein the user information comprises information related to a plurality of verification image/key definition combinations that are associated with the user and that are concurrently available to a processor of the computer to use in confirming user access rights to the application, and wherein a challenge verification image/key definition combination has associated therewith: a challenge verification image with a set of challenge target locations comprising a portion of locations on the challenge verification image, a challenge key comprising a set of challenge actions to be performed by a user on a display of the challenge verification image at the challenge target locations, and a key definition comprising an identification of the set of challenge actions and the set of challenge target locations that make up the challenge key; and select a login verification image from among the challenge verification images associated with the user, present a display of the selected login verification image to the user, and in response to receiving an access key comprising login actions performed by the user on the display of the selected login verification image at login locations on the selected login verification image, verify the received access key by comparing the received access key with the challenge key associated with the selected login verification image, wherein the comparing comprises: determining an identity between the login actions and the challenge actions associated with the login verification image, and determining an identity between the login locations and the challenge target locations associated with the login verification image; and generate an authorization to allow the user to access the application in response to the verification of the received access key.

12. The one or more computer-readable, nontransitory media of claim 11 , wherein the challenge key associated with the challenge verification image is established by the user; and wherein the one or more computer programs are further programmed to cause the computer to: receive, into the memory, a request from the user to set up an image-based password for the challenge verification image for user authentication on the computer system, access the user information for the user in response to receiving the request to set up the image-based password, receive, from a user, a challenge key for the challenge verification image and a key definition for the key, wherein the challenge verification image is selected by the user, wherein the set of challenge target locations for the challenge key is chosen by the user, and wherein the set of challenge actions for the challenge key is chosen by the user; associate the key definition with the selected challenge verification image to form a new verification image/key definition combination in response to receipt of the key definition; and store, with the user information, information related to the new verification image/key definition combination.

13. One or more computer-readable, nontransitory media, having stored thereon one or more computer programs programmed to cause a computer to: receive, into the memory, a request from a user to set up an image-based password for user authentication on a computer system; access user information in response to receiving the request to set up an image-based password; wherein the user information comprises information related to a plurality of verification image/key definition combinations associated with the user, wherein the plurality of verification image/key definition combinations are concurrently available to a processor of the computer for use in confirming user access rights to the computer system; receive, from a user, a key and a key definition for the key, the key developed by the user on a display of a verification image, wherein the key comprises a set of actions to be performed by the user on the display of the verification image at a set of target locations on the verification image, the set of target locations comprising a portion of locations on the verification image, and wherein the key definition comprises an identification of the set of actions and the set of target locations that make up the key; and associate the key definition with the verification image to form a new verification image/key definition combination; and store information related to the new verification image/key definition combination associated with the user information.

14. A system, comprising: a computer system having a processor and a memory; and a non-transitory computer-readable medium encoding instructions for computer-based user authentication and for execution by the processor, the instructions programmed to cause the processor to receive, into the memory, a request to establish or enhance security for an image-based password having a plurality of components, wherein among the plurality of components is a component related to a verification image with a plurality of regions upon which actions could be applied, and wherein among the plurality of regions is a target location having associated therewith characteristics comprising a position on the verification image and a set of one or more of the actions for applying to the target location; and in response to receiving the request to establish or enhance the security for the password, perform a security operation on a selected component of the password wherein the selected component has information related to one of the characteristics of the target location, and wherein the security operation comprises: performing an encryption of the selected component, and storing information related to the encryption at a user processor and at the computer system for use in encryption and decrypting the selected component.

15. The system of claim 14 , wherein the security operation has not been performed on at least one other component of the password having a plurality of components.

16. The system of claim 14 , wherein the instructions programmed to cause the processor to perform the encryption on the selected component further comprises instructions programmed to cause the processor to encrypt the information related to the position of the target location on the verification image.

17. The system of claim 16 , wherein the instructions programmed to cause the processor to encrypt the information related to the position of the target location on the verification image further comprise instructions programmed to cause the processor to: establish a grid for the verification image to uniquely identify the position of the target location on the verification image by grid cells associated therewith; populate the grid cells with elements of content in order to define an encryption of the identified position of target location on the verification image based on the content of the grid cells associated with the position of the target location; and store information related to the grid and its grid cells at a user processor and at the computer system for use in encrypting and decrypting the identified position of the target location on the verification image.

18. The system of claim 17 , further comprising instructions programmed to cause the processor to redefine the encryption of the identified positions of the target location on the verification image by modifying the elements of content in the grid cells; storing information related to the modified grid cells at the user processor and at the computer system; and performing the encrypting and decrypting of the identified position of the target location on the verification image using the information related to the modified grid cells.

19. A method, comprising: receiving, into a memory associated with a processor, a request to establish or enhance security for an image-based password having a plurality of components, wherein among the plurality of components is a component related to a verification image with a plurality of regions upon which actions could be applied, and wherein among the plurality of regions is a target location having associated therewith characteristics comprising a position on the verification image and a set of one or more of the actions for applying to the target location; and in response to receiving the request to establish or enhance the security for the password, a processor performing a security operation on a selected component of the password, wherein the selected component has information related to one of the characteristics of the target location, and wherein the security operation comprises: performing an encryption of the selected component, and storing information related to the encryption at a user processor and at a computer system for use in encrypting and decrypting the selected component.

20. The method of claim 19 , wherein the security operation has not been performed on at least one other component of the password having a plurality of components.

21. The method of claim 19 , wherein the computer system performing the encryption on the selected component further comprises the computer system encrypting the information related to the position of the target location on the verification image.

22. The method of claim 21 , wherein the computer system encrypting the information related to the positions of the target location on the verification image further comprises the computer system: establishing a grid for the verification image to uniquely identify the position of the target location on the verification image by grid cells associated therewith; populating the grid cells with elements of content in order to define an encryption of the identified position of the target location on the verification image based on the content of the grid cells associated with the position of the target location; and storing information related to the grid and its grid cells at a user processor and at the computer system for use in encrypting and decrypting the identified position of the target location on the verification image.

23. The method of claim 22 , further comprising the computer system redefining the encryption of the identified positions of the at least one target location on the verification image by modifying the elements of content in the grid cells, storing information related to the modified grid cells at the user processor and at the computer system; and performing the encrypting and decrypting of the identified positions of the target location on the verification image using the information related to the modified grid cells.

24. One or more computer-readable, nontransitory media, having stored thereon one or more computer programs programmed to cause a computer to: receive, into a memory of the computer, a request to establish or enhance security for an image-based password having a plurality of components wherein among the plurality of components is a component related to a verification image with a plurality of regions upon which actions could be applied, and wherein among the plurality of regions is a target location having associated therewith characteristics comprising a position on the verification image and a set of one or more of the actions for applying to the target location; and in response to receiving the request to establish or enhance the security for the password, performing a security operation on a selected component of the password wherein the selected component has information related to one of the characteristics of the target location, and wherein the security operation comprises: performing an encryption of the selected component, and storing information related to the encryption at a user processor and at the computer system for use in encrypting and decrypting the selected component.

25. The one or more computer-readable, nontransitory media of claim 24 , wherein the security operation has not been performed on at least one other component of the password having a plurality of components.

26. The one or more computer-readable, nontransitory media of claim 24 , wherein causing the computer to perform the encryption on the selected component further comprises causing the computer to encrypt the information related to the position of the target location on the verification image.

27. The one or more computer-readable, nontransitory media of claim 26 , wherein causing a computer to encrypt the information related to the position of the target location on the verification image further comprises causing a computer to: establish a grid for a verification image to uniquely identify the position of the target location on the verification image by grid cells associated therewith; populate the grid cells with elements of content in order to define an encryption of the identified position of the target location on the verification image based on the content of the grid cells associated with the position of the target location; and store information related to the grid and its grid cells at a user processor and at the computer system for use in encrypting and decrypting the identified position of the target location on the verification image.

28. The one or more computer-readable, nontransitory media of claim 27 , further comprising causing a computer to redefine the encryption of the identified positions of the at least one target location on the verification image by modifying the elements of content in the grid cells, storing information related to the modified grid cells at the user processor and at the computer system; and performing the encrypting and decrypting of the identified positions of the target location on the verification image using the information related to the modified grid cells.